•The Ransomware is spreading through Phishing Emails sent to users with a malicious attachment that will infect the user machine once opened.

•The Ransomware consists of two components: a worm and a ransomware package.

•After infecting a user machine, it exploits a vulnerability known as "MS17-010" to infect other machines on the same network in order to spread and infect much more computers/file-share servers using “EternalBlue” exploit and DOUBLEPULSAR backdoor.